The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

how to stop Whm/cpanel from broadcasting user names?

Discussion in 'General Discussion' started by matt621, Feb 28, 2005.

  1. matt621

    matt621 Well-Known Member

    Joined:
    Jun 25, 2003
    Messages:
    175
    Likes Received:
    0
    Trophy Points:
    16
    Spammers send spam to username@domain.com

    I've found ways of solving that problem, here and abroad, however, one thing that has bothered me is how the spammers get the "username" in the first place. The clients username should be protected just like their password.

    But somehow whm/cpanel seems to be broadcasting this information. I have setup test accounts with jibberish usernames and sure enough it'll start getting spam if I don't take care of it.

    So how do we stop cpanel/whm from providing a list of user names on the box?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Well, only user hosted on the server can get a list of actual usernames. What you're most likely seeing are what are known as dictionary attacks. You can protect against those using an exim ACL that blocks the spammer after a number of attempts:
    http://www.configserver.com/free/eximdeny.html
     
Loading...

Share This Page